The goal of Captcha is to validate that a current session user is an actual person and not just a scam machine (Bot).Moreover, another fundamental functionality that is recommended to be added is the forget password link.However, in this article, we just focus on the log (in-out) normal scenario.
Below, I explain each JSP step for the login process.: This file contains the HTML login form written within the JSP tags.If the element complies than sufunction returns an empty string.Otherwise it returns a message describing the error and highlight appropriate element with yellow.The method is used to fetch the parameter value using its name as set in the Login form.
The first rule of validation is to check If the username and the password are actually included in the HTTP request sent to the check file.
For the simplicity purpose of this example, we hard coded the values "admin" and "admin" as the username and password record that must be matched with the passed parameters.
The professional practice of this step is to apply the validation with the records available in the database (e.g., My SQL, PGSQL ..etc).
At the end, after all the validation checks are passed successfully, new JSP attribute is added to the current session with the value of username parameter.
In our case, the attribute name is also username but its value is whatever included in the passed username parameter.
If you run a validation of the users form input before the form is submitted, there will be no wait time and redundant load on the server.